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REMARKS 

Claims 1 - 124 are pending in the Application. Claims 1, 69, 109, and 110 are 
currently amended. New Claims 125 and 126 are cunratly added. 

Claim Objection > , 

The Examiner sug^sted that "transport data monitor being operable to monitor" in 
claim 13 should read "transport data extractor being operable to monitor". 
Applicant maintains that cljrim 13 should recite "transport data monitor being 
operable to monitor", , as.^originally defined, in accordance with the description 
provided by the disclosure on, page 8, in lines 21-23: "Preferably, the networic is a 
packet-switched network, the data being transported comprises passing packets and 
the transport data monitor is operable to monitor header content of the passing 



Claim Rejections - 3S USC102 & 103 ' 

In this section of the official action. Claims 1-4^ if, 51, 56-65, 69, 70, 109, 1 10, 111, 
and 112 were'rejfected undbr 35^ UiSC 102(e) as .being anticipated by Kephart US 
Patent No. 6,732,149. 

The Examiner furttt^ rgected claims 69, 70, 73, 86, 87, 91-99 under 35 USC 
103(a) as being unpatcnt^le oVcr Kephart US Patent No. 6,732,149 in view of 
Olnowich US Patent No. 6,389,476, 

Favorable reconsideration of this rejection in view of the above amendments and 
die following explanations is reispectfully requested. 

The present application describes a system for network content monitoring and 
control. The system described by Ae present application relates to the monitoring of 
digital content, for enforcing copyright, secrecy, arid confidentiality with respect to 
the transported digital content. The present application defmes in the field of 
invaition section: "The pre^sehf iriv^tion relates to monitoring transport of digital 
content, particularly but not exclusively for the enforcemoit of digital copyright, 
secrecy, and confidentiaiity". 

The presem .invention aims, at controlling the movemenl of content of known 
documents, Mermlly general in. the organization's network in advance of the 
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movement of the content, thereby providing a proactive protection for the content, 
before an event of unauthorized or undesirable dissemination has occurred. 
With the present invention, transported figital content is examined. If Ae examined 
digital content is identified as bearing content of a known document internally 
generated by the : organization, yAnae the knovwi content is confidraitial, secret, 
protected by copyright, etc, the movement of the digital content identified as bearing 
content of the internally g««erflte</ docmnent ' may be limited according to a 
predefined policy with respect to the specific documemt. 

Kephart US Patent No. . 6,73.2,lf^?., teaches a system and a method for protection 
against SPAM, as described iii the field of inyentlpn section; "the pres^it invention 
relates to a system and rnethod fpr'automatically detecting and handling unsolicited 
and undesired electronic mail such as Unsolicited Commercial E-mail (UCE), also 
referredtoas."spam". .... 

Kephart examines electronic mail for determining if the mail bears patterns of SPAM, 
and blocks such mail. If a message is found aS;Undrairable, the system ^Ues a policy 
with respect to similar messages, >uft^^ whole process is triggered by "determining 
that transmission .or tecejirt of at 1m^ one specific electronic message is undesirable", 
that is, in a. reactive mtfn^^ present invention deals with a conceptually 

different proactive protection, where the content is first designated for protection, 
before an event of "undesirable transmission" occurred. 

Kephart does not disclose or even hint at a-, method or at an apparatus where a 
transported message is exarnined-fordetennining if .the message contains content of a 
known &^xmsse!L, ,gfn^ate^ advance of the examination, 

where the content may be coiifi^ndal, protected by copyright, etc, as taught by the 
present invention. ; , . . ^ . .. .. .■ . . 

Otoowich US Patent No. 6,389,476 relates, as described in the field of mvention 
section, pertains to digital parallel processing syst^s wherein a plurality of nodes is 
communicated via messages sent.oyer an interconnection network. More particularly, 
the invention relates to .a network adapter design for facilitating introduction of fester 
speed transmission products_into a network including slower products. 
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Ctoim 1, as cunently amenxied, defines a system for netwotk content monitoring, 
comprising: a transport data monitor, connectable to a point in a network, for 
monitoring data bdng tranq)qrted past Ae point, a description KCtractor, associated 
with the transport data monitor, for extracting descriptions of the data being 
transported, a database of at least , ojne preobtained description of known content 
whose movemearts it is desired to monitor, the content being internally generated in 
the network in advance of the extracting, the preobtained description being obtained 
in advance of the extracting descriptions, and a comparator, configured to determine 
whether the extracted description corresponds to. any of the at least one preobtained 
descriptions, and to, decide whether the data being transported comprises any of the 

content whose movements it is desired to monitor according to the determining. 

• . .■•■■J i,>'.v .>; . 

As described hereinabove ahd.deifiiied by claim 1, the present invention teaches a 
system v\*ich includes a transport data monitor^ connectable to a porat in a network, 
for monitoring date being transported past the point, a description extractor, 
assodated with the transport data monitor, for extracting desCTiptions of the data 
being transported, a database of at least one preobtained description of known content 
whose movements it is desired to rrionitor, the content being internally generated in 
the network in advance of the extracting. 

For example, ^the-.present application describes controlling the photocopying of 
documents prepossessed byian prgamzation, on page 49, in line 13: "Reference is now 
made to Fig. 10, wherein thereis; illustrated a further embodiment of the system 
described in Fig. 9, specifically for in^ventini; copying of classified documents using 
a photocopy machine. In. this embo^ent, a.^ptral control of a monitoring system 
1010 is connected to a. controller IWSl of cpi)y machine 1095. Many modem copy 
machines contain, a scannar that trahsforms the copied document into a digital image. 
The textual content of the. document may be , extracted from the digital image using a 
standard Optical Characto Recognition (OC^l) technique. After extraction, the textual 
content or derivatives, thereof, can be analyjKd. using a signature analyze 10101 m 
order to determine whether tiie> content comprises an unauthorized document The 
ou^ut of the analysis is then used, by a policy .manager 10102 in order to determine 
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whether to take action and if so, what action: e.g.,- not allowing photocopying of the 
documwit, auditing, saiding a message to offender^ etc". 
The present application fiather describes on page 32, line 8: "The signatures of each 
packet are compared with the signatures in the database, and each match with any of 
the pre-stored signatures .belohguig jto a particvdar content item that is represented in 
the database increases Ae likelihood that the data belongs to ihe matched content". 

Kephart examines electronic mail for determiimig if tiie mail bears patterns of S?AM, 
and blocks such mail. However, Kephart does not disclose or even hint at the idea of a 
system which includes a comparator, configured to determine whether the ejctracted 
description corresponds. to, of the at least one pre-obtained descriptions, and to 
decide whether the.data being ttansported comprises content internally generated in 
the network in fl<^flnc«, .whose mpyements it .is 4^ired to monitor, as taught by the 
piesoat invention and defined by claim 1. 

Olnowich US Patent No. 6,389,476 relates, as described in the field of invention 
section, pertains to a network adapter design .for feciUtating introduction of faster 
speed transmission products into a rietwork incli^^ 

However, Onhiowich also fills^hdrt of deseribinig>r even hinting at the idea of a 
system which includes a jsompjff^or,^^ c^ to determine whether the extracted 
description conesponds to ^y pf ;i|e at least one pre-obtained descriptions, and to 
decide whether .the dau being tran^^ comprises content internally generated in 
the network in advance, whose movemaits it is desired to monitor, as taught by the 
present invention and defined by claim 1. 

It is thus respectfully believed .flwt plaim 1 is jbpifc novel and inventive over the prior 
art, and maintained that claim jt IS a^^ 

Claim 69, as amended, defines a system for network contait control, comprising: 
a transport data monitor, . cpnned^ble to a poii?t in a netwoik, for monitoring data 
being transported past the point, a signature extractor, associated with the transport 
data monitor, for extracting a derivation of payload of flie monitored data, die 
derivation being indicaiiye of conteiii of the data,.a:database of preobtatned signatures 
of known content whose movements it is desired to monitor, the content being 
internally generated in the network in advance of the extracting, the preobtamed 
signatures being obtained V^van<^ of the extracting the derivation of the payload, a 
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compaiator for comparing the derivation with the preobtained signatures, and to 
determine vdiether the monitored data comprises any of the content whose movements 
it is desired to control, a decision-rmaking unit for producing an ^fbrcement decision, 
using ihe output of the comparator, and a bandwidth.management unit connected to 
the decision-making unit for managiug netwoik.bandwidtti assignment in accordance 
with output decisions of the policy determinator, thereby to control content 
distribution over tiie network, 

As d^cribed hereinabove, neither K^hart nor^Olnowitch describe or evai hint at the 
idea of a system which includes a cpmparator, for comparing a derivation of paylaod 
with the preobtained signatures. of known content whose movements it is desired to 
monitor, the content being internally generated in the^ network in ad\fance, as taught 
by the present invention, and defined by claim 69. , 

It is thus respectfully believed that claim 69 is both novel and inventive over the prior 
art, and maintained that claim 69 is allowable/ as taught by the present invention and 
defined by claim.69., 

Claim 109, as amended, defines z method o^f monitoring for distribution of known 
sensitive content oyer a network, the method cotnprising: obtaining extracts of data 
from at least one monitoring pomt on, the network, obtaining a signature indicative of 
content of the extracted; dats^^comp^ the'sigiiatare wifli at least one of a set of 
signatures indicative of Ae. sensitive contend content being internally 
generated in the network in advance of the obtaining extracts, the set of signatures 
being stored in advance of Ae obtaining extracts of data, determining if the extracted 
data comprises any of the.sensitive content according to the comparing, and using an 
output of the determining as an 'indication of the ppsence or absence of the sensitive 
content. _ ^ . 

As described hereinab6ve>tieither Kfephart nor',01rt6witch describe or even hint at the 
idea of a method which; includes obtaining extracts of data firom at least one 
monitoring' point on the network^ obtaining a signature indicative of content of the 
extracted data, arid comparing the signature with* at least one of a set of signatures 
indicative of the sensitive content; the sensitive content being internally generated in 
the network in advance of the obmining extrdctSi as taught by the present invention 
and defined by claim 109. 



to! ft I 
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« It is thus respectfully believed that claim 109 is both novel and inventive over the 

• ' . . ' J. ** . 

prior art, and maintained that claim 109 is allowable, as taught by the present 

invention and defined by claiin 1 09^ 

Claim 110 as amended defines a method of controlling the distribution of known 
sensitive content over a network, the method comprising: obtaining extracts of data 
fiom at least one monitoring point on the network, obtaining a signature indicative of 
content of Ae extracted data,. comparing the sign£rture with at least one of a set of 
signatures indicative of the presence of the sensitive .content, the set being stored in 
advance of the obtaining extracts of data, the sensitive content being internally 
generated in the network in advance of the obtaining extracts^ determining if the 
extracted data comprises any of the s^ .^o'^tent according to the comparing, 
usitig an output of the detenninmg -in sd^ decision, and using the 

enforcement decision in band\yidth management of the network. 

As desaibed hereinabove, neither ^Kei)hart nor.pinowitch describe or even hint at the 
idea of a method which includes obtaining:, extracts -of data fi'om at least one 
monitoring point on* the network; obtaining a signature indicative of content of tiie 
extracted data, and comparing ^the signature with at least one of a set of signatures 
indicative of the presence of^the sensitive content, the set being stored in advance of 
the obtaining extracts :of dat^i the . sensitive content being internally generated in the 
network in advance of the obtaining^ extracts, as - tau^t by the present invention and 
definedbyclaimllO. - , ,^ . : t 

It is thus rcspectfiUly.bcheY«<i,tiiat claim lip is both novel and inv^tive oyer tiie 
prior art, and miuntMn^, tiiaUcl^ 110 is dlow?''^®^ ^ taught by,, the pr^nt 
invention and defined byxlaim 1 JP. , 

All dependent claims^ are believed.. to be allowable as bdng dependent upon an 
allowable main claim. : . ; v-.- 

■' . .*■.■■' 

All of the matters raised , by ttie . Examiner have l^een dealt with and are believed to 
have been overcome. . • - i - • * i - .. 
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In view of the foregoing, it is respectfully submitted that all the claims now 
pending in the application are allowable over the cited reference. An early Notice of 
Allowance fe therefore respectfully requested. 

Respectfully submitted, 

.; Martin Moynihan 

, Registration No. 40,338 
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